Overview The Attack Surface Management Director is responsible for the global identification and assessment of vulnerabilities, scope and execution of security penetration tests, and the remediation of resulting vulnerabilities. Sets the global strategy and direction for attack surface reduction with the sole goal to reduce vulnerabilities and ensure the protection of PepsiCo assets. Responsibilities Provide leadership, direction, and strategy on all matters related to the identification and remediation of vulnerabilities for PepsiCo Set strategy for vulnerability assessment and configuration assessment tools Deliver multi-year roadmaps for the Attack Surface Management function Manage contracts with 3rd party vendors including SOWs, RFPs, and escalations Run day to day operations including vulnerability assessments and remediation efforts Lead and manage team of subject matter experts including staffing and day to day management Generate reports on assessment findings and summarize to facilitate remediation Conduct penetration tests, Red Team exercises, including management of the annual penetration testing by an independent 3rd party Defines vulnerability, configuration, and coverage KPIs/metrics to demonstrate assessment coverage and remediation effectiveness Communicate security and compliance issues in an effective and appropriate manner Recommend appropriate containment and remediation strategies to mitigate risks and drive information systems to employ appropriate level of information security controls COVID-19 vaccination is a condition of employment for this role. Please note that all such company vaccine requirements provide the opportunity to request an approved accommodation or exemption under applicable law Qualifications A bachelors degree in Computer Science, Cyber Security, or the equivalent 3-5+ years of experience in information security vulnerability management role Bonus: Certification as an information systems security professional (e.g., GIAC, CISSP, CISM, CRISC, CIPP, CISA, GICSP Experience with large scale and complex environments similar to PepsiCo Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root causes A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management, application security, and security and controls Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and the associated impact on the organization An ability to effectively influence others to modify their opinions, plans, or behaviors Excellent interpersonal skills and strong verbal and written communication An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the business Differentiating Competencies Ability to lead security initiatives that require partnership with other technology groups Strong project management skills with the ability to react to high pressure dynamic changing environments Excellent oral and written communication skills with the ability to communicate complex and technical issues to diverse audiences including executive management and leaders outside of the information technology organization Key Relationships: Partners across IT (e.g., IT Operations, IT Engineering, Managed Service Providers, application development teams) to implement security solutions Partners with internal and external business partners, including third party/external development teams EEO Statement All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy. Please view our Pay Transparency Statement","location_name":"TX-Plano-7701a-HDQ-TX224B","street_address":"7701 Legacy Dr","city":"Plano","state":"Texas